Passwords are used everywhere, but they have their limitations. SafelyFiled has just improved security with the addition of multi-factor authentication.
In previous blogs (see Password Frustration and Password Perils), we've expressed some of the limitations of passwords. For better or worse, passwords are the current state-of-the-practice web service authentication, but they are vulnerable to attack and not very adaptable. Once an attacker has figured out your password, there is no way for the service that relies only on passwords to distinguish between the attacker using your password, and you using your password.
Adding Multiple Forms of IDMulti-factor authentication can strengthen the authentication process by requiring multiple forms of ID. Even if attackers have figured out your password, they may not be able to provide the second (and third) forms of ID. Some security-sensitive web applications, e.g. banks and financial institutions, provide multi-factor authentication. With our update this week, SafelyFiled now also provides its members with the option of multi-factor authentication.
|May I see your ID, please?|
|Image credit: janmika / 123RF Stock Photo|
Intelligent AuthenticationIdeally your web application should be able to identify riskier authentication scenarios, and require multiple types of authentication in those situations. This is like when you go to your local grocery store, the cashier recognizes you and doesn't ask for additional identification when you write a check. But if you visit a grocery store on vacation, the cashier has never seen you before and will ask for additional identification before accepting a check from you.
With SafelyFiled you can select "Public-only" multi-factor authentication to do something similar. If you login to SafelyFiled from a machine address that SafelyFiled hasn't seen you use before or from a machine address that you have indicated is public (like a computer at the library), then SafelyFiled will require that you enter the access code it has sent to your mobile phone or email address. If you login from your home machine where you have logged in from many times before, SafelyFiled will not prompt you for an additional access code. This gives you the additional safety of multi-factor authentication in riskier cases, but gives you the convenience of password-only access when logging in from a physically safer environment.
Multi-factor Options in SafelyFiledFrom the "Manage Security" page, you can adjust how multi-factor authentication works for you. The initial default stance is to "Never require access code". We will likely change the default stance to "Only require access code for access from public machines" at some point in the future.
|The controls for multi-factor options on the Manage Security page in SafelyFiled.|
Take advantage of Multi-factor AuthenticationWe strongly encourage you to signup for the "Only require access code for public machines" option. This gives you increased protection from attackers, and has a reasonable ease of use trade-off.
Also review your other sensitive web services like bank and investment sites. They probably have multi-factor authentication options. Review what they offer and be sure that you take advantage of the increased security of more advanced authentication.